Analysis
- max time kernel: 121s
- max time network: 122s
- platform: windows7_x64
- resource: win7-20240708-en
- resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
- submitted: 30-07-2024 10:51
Behavioral task: behavioral1
- Sample: 4c3cd74d96e5f43dcfc65bbbf6ac916a4abb316942371577cc91a425f9a47a82.exe
- Resource: win7-20240708-en
Behavioral task: behavioral2
- Sample: 4c3cd74d96e5f43dcfc65bbbf6ac916a4abb316942371577cc91a425f9a47a82.exe
- Resource: win10v2004-20240704-en
General
- Target: 4c3cd74d96e5f43dcfc65bbbf6ac916a4abb316942371577cc91a425f9a47a82.exe
- Size: 1.9MB
- MD5: 1993535498451482e2f6bdb33cfedd74
- SHA1: bddff429a39026754cd9f3f1ee3021e2bb930093
- SHA256: 4c3cd74d96e5f43dcfc65bbbf6ac916a4abb316942371577cc91a425f9a47a82
- SHA512: 47aaf9cc73a2b1225bc2e45c5f7d9abc70dd065ccbc031eede7ee473a7be0ab0e600cd5670c46c8c51a24f9827ba67e7bb71411877f21ffaffea92e3d1b3bf64
- SSDEEP: 24576:CktHJSLLbT1Gv6QC34VCNkag5LyBTm0Eh0lhSMXlbg61h3C3eLPDSVXT5X2EPRtW:jtHYNGBC344Nkawy9XH1IuYXT5XH01
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)

| description | pid | Process | procid_target |
| PID 2260 wrote to memory of 1736 | 2260 | 4c3cd74d96e5f43dcfc65bbbf6ac916a4abb316942371577cc91a425f9a47a82.exe | 30 |
| PID 2260 wrote to memory of 1736 | 2260 | 4c3cd74d96e5f43dcfc65bbbf6ac916a4abb316942371577cc91a425f9a47a82.exe | 30 |
| PID 2260 wrote to memory of 1736 | 2260 | 4c3cd74d96e5f43dcfc65bbbf6ac916a4abb316942371577cc91a425f9a47a82.exe | 30 |
Processes
- C:\Users\Admin\AppData\Local\Temp\4c3cd74d96e5f43dcfc65bbbf6ac916a4abb316942371577cc91a425f9a47a82.exe
  "C:\Users\Admin\AppData\Local\Temp\4c3cd74d96e5f43dcfc65bbbf6ac916a4abb316942371577cc91a425f9a47a82.exe"
  PID: 2260
  - Suspicious use of WriteProcessMemory
  - C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -u -p 2260 -s 144
    PID: 1736